If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Network Packet Sniffer

I've been having trouble finding a good packet sniffer. Are there anyones that sniff packets on a LAN and not just the packetes that go to the computer. Because I have ones that sniff only packets coming to my computer and out, but are there ones that would sniff packets on a whole network?

Well here's one for you.. how are your connected to the LAN? Because if you are going into a switch then you'll only be able to sniff packets destined for your computer. If you are on a hub, that anything that listens to the wire will show you every packet because by definition ethernet is a broadcast technology. I really wish you people would research this stuff before you post your questions. There are tons of packet sniffers out there, there are many listed on this website. They are talked about regularly. A search on AO or on google, or anywhere else for that matter would have revealed several, including the god of packet sniffing Ethereal. No i'm not giving you the link, figure it yourself. Before you say hey, I'm going to sit and sniff other peoples packets (quite often illegal btw), you should know what the hell you are doing and a little bit about the technologies involved. If anyone wants to neg me and call me a jackass for this one as well.. bring it on, because what I've said is the truth, do some damned research and learn a thing or two instead of asking to be spoonfed.

HT

IT Blog: .:Computer Defense:.PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

I wont call you a jack ass!!! but I think you were too quick to respond w/o understanding the full features of a switch.

Your comment:
"Because if you are going into a switch then you'll only be able to sniff packets destined for your computer" is not totally accurate...........This is the default feature....
You can however span a port to mirror any port/s and or VLANs you want therefore allowing you to sniff any traffic on the switch you are connected to.

Just an FYI...

P.S.

Just another note...Ethernet is a broadcast technology wether you are using a hub or a switch.....Another false statement...Sniffers/protocol analyzers monitor collision domains nothing to do with broadcast domains..

Yes this is true, and yes I do know that.. however this person doesn't even grasp the simple concept of sniffing, there is no way it is their own switch (also if it's a home LAN, most low-end switches don't support this feature). I didn't want to get over their head.. I decided to leave it at the basics, since the odds are he's in a res. or something like that and plugged into a switch port that he has no control over.

IT Blog: .:Computer Defense:.PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

Actually that's not true, you can sniff a high end, say cisco switch, if it doesn't have vlans defined, by continually corrupting/resetting the mac table, which causes it to broadcast all packets out all ports inorder to rebuild the table. There are sniffers that do this.

There are plenty of ways to sniff other computers on a switch that don't have a "mirror port" on them. The biggest problem is that to sniff all traffic, if you don't have a mirror port, you will have extream ammounts of data going across the switch and actually cause it to run slower then the equavlent speed hub.